MozillaThunderbird/tar_stamps at 2f400cc8633b9a21d0aab141a5f91ec2606210c5dfa86e32da21a93d1553d083 - MozillaThunderbird - openSUSE Gitea

rpm/MozillaThunderbird

SHA256

forked from pool/MozillaThunderbird

Wolfgang Rosenauer 2f400cc863 - Mozilla Thunderbird 102.7.1

* Microsoft Office 365 accounts were unable to authenticate
  * https://www.thunderbird.net/en-US/thunderbird/102.7.1/releasenotes/
  MFSA 2023-04
  * CVE-2023-0430 (bmo#1769000)
    Revocation status of S/Mime signature certificates was not checked
- update create-tar.sh

- Mozilla Thunderbird 102.7.0
  https://www.thunderbird.net/en-US/thunderbird/102.7.0/releasenotes/
  MFSA 2023-03 (bsc#1207119)
  * CVE-2022-46871 (bmo#1795697)
    libusrsctp library out of date
  * CVE-2023-23598 (bmo#1800425)
    Arbitrary file read from GTK drag and drop on Linux
  * CVE-2023-23599 (bmo#1777800)
    Malicious command could be hidden in devtools output on
    Windows
  * CVE-2023-23601 (bmo#1794268)
    URL being dragged from cross-origin iframe into same tab
    triggers navigation
  * CVE-2023-23602 (bmo#1800890)
    Content Security Policy wasn't being correctly applied to
    WebSockets in WebWorkers
  * CVE-2022-46877 (bmo#1795139)
    Fullscreen notification bypass
  * CVE-2023-23603 (bmo#1800832)
    Calls to <code>console.log</code> allowed bypasing Content
    Security Policy via format directive
  * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=684

2023-02-01 07:54:38 +00:00

11 lines

343 B

Plaintext

Raw Blame History

 PRODUCT="thunderbird"
 CHANNEL="esr102"
 VERSION="102.7.1"
 VERSION_SUFFIX=""
 PREV_VERSION="102.7.0"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr102"
 RELEASE_TAG="88d80acadbab4acb4d81cb2934caa807cd59e85a"
 RELEASE_TIMESTAMP="20230123204438"